package com.surfilter.platform.base.servlet;

import java.io.IOException;
import java.util.Set;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.surfilter.platform.base.model.Constants;
import com.surfilter.platform.base.model.ResultCode;
import com.surfilter.platform.base.service.ServiceContext;
import com.surfilter.platform.base.util.ResultDataUtil;
import com.surfilter.platform.data.model.UserModel;

public class SurfilterPermission implements Filter {

	public SurfilterPermission() {

	}

	public void destroy() {

	}

	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {
		HttpServletRequest httpRequest = (HttpServletRequest) request;
		HttpSession session = httpRequest.getSession(true);
		boolean filterFlag = false;
		String moduleName = request.getParameter(Constants.MODULE_TAG);
		String actionName = request.getParameter(Constants.ACTION_TAG);
		String errorMsg = Constants.PERMISSION_ERROR_MSG;
		int errorCode = ResultCode.PERMISSION_ERROR_CODE;

		if (moduleName != null && actionName != null) {
			if (session != null) {// 1：如果不包含Session且action为登陆则doFilter，否则继续验证
				UserModel sessionUser = (UserModel) session
						.getAttribute(Constants.LOGIN_USER_TAG);
				if (sessionUser != null) {// 2：如果未登陆且action为登陆则doFilter，否则继续验证
					if(moduleName.trim().equals(
							Constants.PLATFORM_MODULE_TAG)
							&& actionName.trim().equals(
									Constants.PLATFORM_FILEUPLOAD_TAG))
						filterFlag = true;
					else if (ServiceContext.containsModule(moduleName)
							&& ServiceContext
									.containsAction(moduleName, actionName)) {// 3：登陆后所执行的方法必须包含在全局缓存的模块和Action中
						// 简化权限配置（将可访问权限Actoin初始化时加到用户Session）
						// 判断是否包含访问权限
						Set<String> sessionPermissionActionNames = (Set<String>) session
								.getAttribute(Constants.SESSION_ACTIONS_TAG);

						if (sessionPermissionActionNames.contains(moduleName + Constants.MODULE_ACTION_SEPERATOR
								+ actionName)) {
							filterFlag = true;
						} else {
							filterFlag = false;
							errorCode = ResultCode.PERMISSION_ERROR_CODE;
							errorMsg = Constants.PERMISSION_ERROR_MSG;
						}
					} else {
						filterFlag = false;
						errorCode = ResultCode.SYSTEM_ERROR_CODE;
						errorMsg = Constants.NOT_ACTION_ERROR_MSG;
					}
				} else if (moduleName.trim().equals(
						Constants.PLATFORM_MODULE_TAG)
						&& (actionName.trim().equals(
								Constants.PLATFORM_LOGIN_TAG)||actionName.trim().equals(
										Constants.PLATFORM_CHECK_TAG))) {
					filterFlag = true;
				} else {
					filterFlag = false;
					errorCode = ResultCode.NOT_LOGIN_CODE;
					errorMsg = Constants.NOT_LOGIN_ERROR_MSG;
				}
			} else {
				errorMsg = Constants.NOT_LOGIN_ERROR_MSG;
				errorCode = ResultCode.SYSTEM_ERROR_CODE;
				filterFlag = false;
			}
		} else {
			errorMsg = Constants.NO_MODULE_ACTION_ERROR_MSG;
			errorCode = ResultCode.SYSTEM_ERROR_CODE;
			filterFlag = false;
		}

		if (filterFlag) {
			chain.doFilter(request, response);
		} else {
			String resultData = ResultDataUtil.wrapResultData(false, errorCode,
					errorMsg, null, null);
			HttpServletResponse httpResponse = (HttpServletResponse) response;
			httpResponse.getWriter().write(resultData);
			httpResponse.getWriter().flush();
			httpResponse.getWriter().close();
			return;
		}
	}

	/**
	 * @see Filter#init(FilterConfig)
	 */
	public void init(FilterConfig fConfig) throws ServletException {
		ServiceContext.init();
	}

}
